This Policy will apply where We are Controllers or Processors of personal data. This policy is applicable to Our Products (web platform, mobile applications, API based clients) and to Our public Site http://www.genesisrms.com/.
We use your Personal Information only for providing and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy. If you are in any doubt regarding the applicable standards, or have any comments or questions about this Policy, please contact us at the contact details provided under this Policy.
This Policy applies to all the Customers who are
(i) Entities or individuals, including End-Users and Users, who have subscribed to our Service(s) and have agreed to the Terms and
(ii) Individuals from whom We collect data as a Controller.
THE INFORMATION WE COLLECT
We may require basic information which identifies you as an individual (“Personal Information”), such as your name, email address and phone number, in order to transact business with you, on behalf of the company you work for, as our customer. We will only use such Personal Information for the purposes of providing information which you have requested, fulfilling business transactions, or for other purposes set out in this Policy.
We may also collect Personal Information indirectly from third parties, such as our business partners, or members of your Community.
We may collect the following information:
- Name: first name and last name
- Job title or description
- Company or organization name
- Company address, including country
- Contact information including email address and telephone number(s)
- User names (account alias) and passwords
- Time zone and date/time preferences
- IT information required to provide access to systems and networks such as IP addresses, log files and login information, encryption generation keys
- Information pertinent to fulfilling business transactions on a customer’s behalf, such as files uploaded by a user to be processed by the application’s functionality, system generated emails
- Meta Data, such as logs, for usage information and activity logs, with identifying characteristics such as creator or author of a transaction, names of individuals who have accessed or downloaded file(s), the time file(s) were accessed or downloaded, IP addresses of users
- Administration activity such as adding and deactivating users, management of the generation of encryption keys We do not collect sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data or data concerning health or sexual orientation
PURPOSES FOR PROCESSING PERSONAL INFORMATION
- Business Transactions with Customers
We process Personal Information through our IT systems, which include tools and systems that help us to administer customer accounts, orders and business transactions and share information across our systems, and with related corporate entities.
You may provide Personal Information to Us through our “registration” page, by processing orders, or by participating in a Community. We may make use of Personal Information that we collect:
- To analyze system usage to help maintain the operational system
- To enable you to access customer support portals or to provide customer support services to you
- To optimize system operation based on usage and enable future product development and improvements
- To enable our compliance with export control and other laws and regulations
The Internet is a global environment and using the Internet to collect and process data can involve the transmission of data on an international basis. By using our products and communicating electronically through these products, you acknowledge our processing of data in this way. The products allow users to send documents and communicate with other users.
If you do not wish us to make use of your Personal Information in this way, please email at firstname.lastname@example.org.
- Other legitimate business purposes
We may also collect and use Personal Information when it is necessary for other legitimate purposes, such as to help us conduct our business more effectively and efficiently, for example, for general IT resourcing on a global level and information security/management.
We also may use your personal information where we consider it necessary for complying with laws and regulations, or to exercise or defend the legal rights of the GenesisRMS.
WHO WE SHARE YOUR PERSONAL INFORMATION WITH
Employees, contractors and agents of GenesisRMS may be given access to Personal Information which we collect, but their use will be limited to the performance of their duties and the reason for processing.
Our employees, contractors and agents who have access to your Personal Information are required to keep that information confidential and are not permitted to use it for any other purposes. Personal Information may be shared among related entities within GenesisRMS.
- Business Partners and Service Providers
We will never sell, rent or disclose to unaffiliated third parties your Personal Information unless we have your permission or are required by law to do so. When we permit a third party to access Personal Information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Policy and that the security and confidentiality of the information is maintained.
We disclose the Personal Information we collect, to the following third parties:
- Business partners for the purposes of providing services, support and products to customers.
- Third parties where disclosure is required or authorized by law.
- Service Providers who provide business services to us. We do so on a “need to know basis” and in accordance with applicable data privacy law.
- Lawful Grounds
We may disclose Personal Information to third parties on other lawful grounds, including:
- To comply with our legal obligations, regulation or contract, or to respond to an administrative or judicial process.
- In response to lawful requests by public authorities (including for national security or law enforcement purposes).
- If necessary to exercise or defend against potential, threatened or actual litigation.
- If necessary to protect the vital interests of another person.
- In connection with the sale, assignment or other transfer of all or part of our business.
- With your consent.
YOUR CONTROL OF YOUR PERSONAL INFORMATION
You can request correction, update and deletion of your Personal Information via e-mail sent to email@example.com, and we will use reasonable efforts to contact you regarding your request. To update or delete your Personal Information or correct an inaccuracy, we may ask you to verify your identity and cooperate with us in our effort.
PROCESSING YOUR PERSONAL INFORMATION
Based on the Act of Data Protection, we are the Processor when we process Personal Information as per your instructions. We are the Controller of Personal Information when we process Personal Information for improving our Service(s) as expressly permitted by you according to this Policy.
Personal Information includes all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by you through your Account in connection with your use of the Service(s).
In your role as a controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Information that is collected as part of the Personal Information through your use of the Service(s).
We will take all steps reasonably necessary to ensure that the Personal Information is treated securely and in accordance with this Policy. We will work with you to help you provide Policy to your customers concerning the purpose for which Personal Information is processed by Us. As the processor of Personal Information on your behalf, we follow your instructions with respect to the Personal Information to the extent consistent with the functionality of our Service(s). We implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Information. Except as expressly permitted by you under this Policy, we do not own, control or direct the use of Personal Information, and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by you or as required by law.
Unless we explicitly agree otherwise in writing, you will not process any sensitive Personal Information on our platform.
- Transfer of Personal Information
As we operate at a global level, we may need to transfer Personal Information to countries other than the ones in which the information was originally collected.
When we export your personal information to a different country, we will take steps to ensure that such data exports comply with applicable laws.
Ask us to restrict processing of your Personal Information or request portability of your Personal Information. You can exercise these rights by contacting us using the contact details provided in this Policy. You have the right to complain to a data protection authority about our collection and use of your Personal Information.
For more information, please contact your local data protection authority. If we have collected and processed your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Personal Information will be retained no longer than necessary in relation to the business purposes for which such Personal Information is provided and to fulfill legal requirements. If you wish to request that we no longer use your Collected Data, please contact us at firstname.lastname@example.org.
We are committed to ensuring that your information is secure. We have put in place appropriate technical, physical and administrative procedures to safeguard and secure the information we collect in order to prevent unauthorised access or disclosure.
UPDATES TO THIS NOTICE
GenesisRMS reserves the sole right, in its discretion, to make changes to any part of its products, platforms or this Policy. GenesisRMS may change this Policy from time to time by updating this page. You should check this page from time to time to ensure that you are aware of any changes.
GENESIS RISK MITIGATION SERVICES PRIVATE LIMITED, Regd. Office: Genesis Risk Mitigation Services Pvt. Ltd. – 125, Punjani Industrial Estate, Khopat, Thane West – 400601. Tel + 022 41002276.